Posts Tagged ‘Security’

Microsoft has been talking up its security on the upcoming Longhorn server, citing a couple of features such as a self-healing file system and an automatic patch check system. The self-healing file system will take care of things such as bad sectors, and even CPUs with a high number of self-correcting errors, but really all it means is that some of the disk checking utilities, such as chkdsk and defrag, will be running in the background.

One of the new features is “secure-at-install,” which is designed to help secure new installations of the operating system in specific server roles. When a new server is installed as a terminal server or file server, for example, the system will automatically find and apply security updates that apply to a particular role, Microsoft said.

NAP, or Network Access Protection, will also be included in the server OS. It will let users perform a check on PCs connecting to their network and block clients that don’t meet rules, such as having the latest patches and virus signatures.

At an unspecified time after it releases Longhorn Server, Microsoft plans to add a Security Token Service, or STS, to Active Directory. This new service is to extend capabilities Microsoft plans to offer with Active Directory Federation Services, or ADFS, which is set to ship with Windows Server 2003 R2.

STS also will support InfoCard, a code name for a new Microsoft technology designed to provide secure storage for identity information that will be shared with online services such as Web stores.

They also made WinFX available, which is designed to make it easy for developers to use some of the security features in Windows, meaning they would no longer have to write the code for dealing with identity and access.

In a posting on its website yesterday, Microsoft released some details of its next monthly security bulletin.

As part of the monthly security bulletin release cycle, Microsoft provides advance notification to our customers on the number of new security updates being released, the products affected, the aggregate maximum severity and information about detection tools relevant to the update. This is intended to help our customers plan for the deployment of these security updates more effectively.

One update is critical and concerns Microsoft Windows, another is an update to the Malicious Software Removal Tool, and there is one non-security high-priority update.

They will also be hosting a webcast where they will answer questions about these bulletins. TechNet Webcast: Information about Microsoft’s [MONTH] Security Bulletins (Level 100) on Wednesday, 14 September 11:00 AM (GMT-08:00) Pacific Time (US & Canada).

On News.com they added this commentary, “Microsoft’s Thursday notice did not specify whether one of the patches will be for Internet Explorer. Over the last few weeks, several security researchers have come forward with flaws in the Web browser. Some of these vulnerabilities could let an attacker gain control of a user’s PC.”

This is one of the big ones they should be updating, along with the Windows operating system updates. With more and more people getting online every day, there’s more and more potential for them to get loaded up with spyware, adware or viruses and help spread the problem. The web browser nowadays needs to be rock solid, and with more and more people using Firefox or Opera, we are starting to see exploits and problems with them as well. Like this one concerning Firefox:

“A new, unpatched flaw that affects all versions of Firefox could let attackers surreptitiously run malicious code on users’ PCs, a security researcher has warned. The security vulnerability is a buffer overflow flaw that ‘allows for an attacker to remotely execute arbitrary code’ on a vulnerable PC, Ferris said. An attacker could host a Web site containing the malicious code to exploit the flaw, he said. Though his proof of concept only crashes Firefox, Ferris claims he has been able to tweak it to run code.”

So what do you do? Try Firefox, try Opera and try Internet Explorer, decide which you like the best and try your best to keep it updated.

UPDATE: As of September 6, 2002, reports of malicious activity that follow the particular pattern that is outlined in this article have lessened significantly. The Microsoft Product Support Services Security Team has modified this Microsoft Knowledge Base article to reflect this information and to refine suggestions for detection and repair criteria.

Microsoft has investigated an increase in malicious activity that tries to load code on Microsoft Windows 2000-based servers. This activity is typically associated with a program that has been identified as Backdoor.IRC.Flood.

By analyzing computers that have been compromised, Microsoft has determined that these attacks do not appear to exploit any new product-related security vulnerabilities and do not appear to be viral or worm-like in nature. Instead, the attacks seek to take advantage of situations where standard precautions have not been taken as detailed in the “Prevention” section of this article. The activity appears to be associated with a coordinated series of individual attempts to compromise Windows 2000-based servers. As a result, successful compromises leave a distinctive pattern.

Windows XP comes with improved security features that help you protect your computer and your information. However, you must maintain your computers by regularly installing the latest security updates from Microsoft.